Search criteria
6 vulnerabilities by phpscripte24
CVE-2010-1924 (GCVE-0-2010-1924)
Vulnerability from cvelistv5 – Published: 2010-05-12 16:00 – Updated: 2024-08-07 02:17
VLAI
Summary
SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shopping Multi Portal System allows remote attackers to execute arbitrary SQL commands via the artikel parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/39718 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.exploit-db.com/exploits/12545 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/40040 | vdb-entryx_refsource_BID |
| http://osvdb.org/64512 | vdb-entryx_refsource_OSVDB |
Date Public
2010-05-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:17:12.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39718",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39718"
},
{
"name": "liveshopping-index-sql-injection(58392)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58392"
},
{
"name": "12545",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/12545"
},
{
"name": "40040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40040"
},
{
"name": "64512",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/64512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shopping Multi Portal System allows remote attackers to execute arbitrary SQL commands via the artikel parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39718",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39718"
},
{
"name": "liveshopping-index-sql-injection(58392)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58392"
},
{
"name": "12545",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/12545"
},
{
"name": "40040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40040"
},
{
"name": "64512",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/64512"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shopping Multi Portal System allows remote attackers to execute arbitrary SQL commands via the artikel parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39718"
},
{
"name": "liveshopping-index-sql-injection(58392)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58392"
},
{
"name": "12545",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12545"
},
{
"name": "40040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40040"
},
{
"name": "64512",
"refsource": "OSVDB",
"url": "http://osvdb.org/64512"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1924",
"datePublished": "2010-05-12T16:00:00.000Z",
"dateReserved": "2010-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:17:12.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1923 (GCVE-0-2010-1923)
Vulnerability from cvelistv5 – Published: 2010-05-12 16:00 – Updated: 2024-08-07 02:17
VLAI
Summary
SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://packetstormsecurity.org/1005-exploits/web2… | x_refsource_MISC |
| http://secunia.com/advisories/39761 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/64513 | vdb-entryx_refsource_OSVDB |
Date Public
2010-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:17:12.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "socialnetworking-user-sql-injection(58583)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58583"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1005-exploits/web20snfcs-sql.txt"
},
{
"name": "39761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39761"
},
{
"name": "64513",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/64513"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "socialnetworking-user-sql-injection(58583)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58583"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1005-exploits/web20snfcs-sql.txt"
},
{
"name": "39761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39761"
},
{
"name": "64513",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/64513"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "socialnetworking-user-sql-injection(58583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58583"
},
{
"name": "http://packetstormsecurity.org/1005-exploits/web20snfcs-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1005-exploits/web20snfcs-sql.txt"
},
{
"name": "39761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39761"
},
{
"name": "64513",
"refsource": "OSVDB",
"url": "http://osvdb.org/64513"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1923",
"datePublished": "2010-05-12T16:00:00.000Z",
"dateReserved": "2010-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:17:12.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1855 (GCVE-0-2010-1855)
Vulnerability from cvelistv5 – Published: 2010-05-07 20:00 – Updated: 2024-08-07 01:35
VLAI
Summary
SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/0670 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/39059 | third-party-advisoryx_refsource_SECUNIA |
| http://packetstormsecurity.org/1003-exploits/ppwb… | x_refsource_MISC |
| http://4004securityproject.wordpress.com/2010/03/… | x_refsource_MISC |
| http://osvdb.org/63131 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/38878 | vdb-entryx_refsource_BID |
| http://www.exploit-db.com/exploits/11816 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2010-03-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:35:53.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0670",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0670"
},
{
"name": "39059",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39059"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1003-exploits/ppwb-sql.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://4004securityproject.wordpress.com/2010/03/20/pay-per-watch-bid-auktions-system-blind-sql-injection-auktion-php-id_auk/"
},
{
"name": "63131",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63131"
},
{
"name": "38878",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38878"
},
{
"name": "11816",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/11816"
},
{
"name": "payperwatch-auktion-sql-injection(57055)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57055"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in auktion.php in Pay Per Watch \u0026 Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-0670",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0670"
},
{
"name": "39059",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39059"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1003-exploits/ppwb-sql.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://4004securityproject.wordpress.com/2010/03/20/pay-per-watch-bid-auktions-system-blind-sql-injection-auktion-php-id_auk/"
},
{
"name": "63131",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63131"
},
{
"name": "38878",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38878"
},
{
"name": "11816",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/11816"
},
{
"name": "payperwatch-auktion-sql-injection(57055)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57055"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in auktion.php in Pay Per Watch \u0026 Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0670",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0670"
},
{
"name": "39059",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39059"
},
{
"name": "http://packetstormsecurity.org/1003-exploits/ppwb-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1003-exploits/ppwb-sql.txt"
},
{
"name": "http://4004securityproject.wordpress.com/2010/03/20/pay-per-watch-bid-auktions-system-blind-sql-injection-auktion-php-id_auk/",
"refsource": "MISC",
"url": "http://4004securityproject.wordpress.com/2010/03/20/pay-per-watch-bid-auktions-system-blind-sql-injection-auktion-php-id_auk/"
},
{
"name": "63131",
"refsource": "OSVDB",
"url": "http://osvdb.org/63131"
},
{
"name": "38878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38878"
},
{
"name": "11816",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11816"
},
{
"name": "payperwatch-auktion-sql-injection(57055)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57055"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1855",
"datePublished": "2010-05-07T20:00:00.000Z",
"dateReserved": "2010-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T01:35:53.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1854 (GCVE-0-2010-1854)
Vulnerability from cvelistv5 – Published: 2010-05-07 20:00 – Updated: 2024-09-16 23:01
VLAI
Summary
Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be resultant from CVE-2010-1855.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://secunia.com/advisories/39059 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:35:53.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39059",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch \u0026 Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be resultant from CVE-2010-1855."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-07T20:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39059",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch \u0026 Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be resultant from CVE-2010-1855."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39059",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1854",
"datePublished": "2010-05-07T20:00:00.000Z",
"dateReserved": "2010-05-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:01:03.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1269 (GCVE-0-2010-1269)
Vulnerability from cvelistv5 – Published: 2010-04-06 15:00 – Updated: 2024-08-07 01:21
VLAI
Summary
SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://4004securityproject.wordpress.com/2010/03/… | x_refsource_MISC |
| http://www.exploit-db.com/exploits/11805 | exploitx_refsource_EXPLOIT-DB |
| http://packetstormsecurity.org/1003-exploits/phps… | x_refsource_MISC |
| http://secunia.com/advisories/38971 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:17.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "niedrig-auktion-sql-injection(57020)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57020"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://4004securityproject.wordpress.com/2010/03/18/phpscripte24-niedrig-gebote-pro-auktions-system-ii-blind-sql-injection-auktion-php/"
},
{
"name": "11805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/11805"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1003-exploits/phpscripte24-sql.txt"
},
{
"name": "38971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38971"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "niedrig-auktion-sql-injection(57020)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57020"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://4004securityproject.wordpress.com/2010/03/18/phpscripte24-niedrig-gebote-pro-auktions-system-ii-blind-sql-injection-auktion-php/"
},
{
"name": "11805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/11805"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1003-exploits/phpscripte24-sql.txt"
},
{
"name": "38971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38971"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "niedrig-auktion-sql-injection(57020)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57020"
},
{
"name": "http://4004securityproject.wordpress.com/2010/03/18/phpscripte24-niedrig-gebote-pro-auktions-system-ii-blind-sql-injection-auktion-php/",
"refsource": "MISC",
"url": "http://4004securityproject.wordpress.com/2010/03/18/phpscripte24-niedrig-gebote-pro-auktions-system-ii-blind-sql-injection-auktion-php/"
},
{
"name": "11805",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11805"
},
{
"name": "http://packetstormsecurity.org/1003-exploits/phpscripte24-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1003-exploits/phpscripte24-sql.txt"
},
{
"name": "38971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38971"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1269",
"datePublished": "2010-04-06T15:00:00.000Z",
"dateReserved": "2010-04-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T01:21:17.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1270 (GCVE-0-2010-1270)
Vulnerability from cvelistv5 – Published: 2010-04-06 15:00 – Updated: 2024-08-07 01:21
VLAI
Summary
SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://4004securityproject.wordpress.com/2010/03/… | x_refsource_MISC |
| http://packetstormsecurity.org/1003-exploits/mult… | x_refsource_MISC |
| http://www.exploit-db.com/exploits/11776 | exploitx_refsource_EXPLOIT-DB |
| http://www.osvdb.org/63048 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/38971 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/38793 | vdb-entryx_refsource_BID |
Date Public
2010-03-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:17.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://4004securityproject.wordpress.com/2010/03/16/phpscripte24-auktionshaus-community-standart-system/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1003-exploits/multiauktions-sql.txt"
},
{
"name": "11776",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/11776"
},
{
"name": "63048",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/63048"
},
{
"name": "auktionhaus-auktion-sql-injection(56935)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56935"
},
{
"name": "38971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38971"
},
{
"name": "38793",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38793"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://4004securityproject.wordpress.com/2010/03/16/phpscripte24-auktionshaus-community-standart-system/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1003-exploits/multiauktions-sql.txt"
},
{
"name": "11776",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/11776"
},
{
"name": "63048",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/63048"
},
{
"name": "auktionhaus-auktion-sql-injection(56935)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56935"
},
{
"name": "38971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38971"
},
{
"name": "38793",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38793"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://4004securityproject.wordpress.com/2010/03/16/phpscripte24-auktionshaus-community-standart-system/",
"refsource": "MISC",
"url": "http://4004securityproject.wordpress.com/2010/03/16/phpscripte24-auktionshaus-community-standart-system/"
},
{
"name": "http://packetstormsecurity.org/1003-exploits/multiauktions-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1003-exploits/multiauktions-sql.txt"
},
{
"name": "11776",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11776"
},
{
"name": "63048",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/63048"
},
{
"name": "auktionhaus-auktion-sql-injection(56935)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56935"
},
{
"name": "38971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38971"
},
{
"name": "38793",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38793"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1270",
"datePublished": "2010-04-06T15:00:00.000Z",
"dateReserved": "2010-04-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T01:21:17.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}